Vulnerabilities > FR Simon Rundell > PD Resources

DATE CVE VULNERABILITY TITLE RISK
2009-12-22 CVE-2009-4397 Cross-Site Scripting vulnerability in Fr.Simon Rundell PD Resources
Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
2009-12-22 CVE-2009-4396 SQL Injection vulnerability in Fr.Simon Rundell PD Resources
SQL injection vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
fr-simon-rundell typo3 CWE-89
7.5